{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2024-52012","assignerOrgId":"f0158376-9dc2-43b6-827c-5f631a4d8d09","state":"PUBLISHED","assignerShortName":"apache","dateReserved":"2024-11-04T19:07:57.861Z","datePublished":"2025-01-27T08:54:42.907Z","dateUpdated":"2025-02-06T16:11:37.353Z"},"containers":{"cna":{"affected":[{"defaultStatus":"unaffected","product":"Apache Solr","vendor":"Apache Software Foundation","versions":[{"lessThanOrEqual":"9.7.0","status":"affected","version":"6.6","versionType":"semver"}]}],"credits":[{"lang":"en","type":"finder","value":"rry"}],"descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"<p>Relative Path Traversal vulnerability in Apache Solr.</p>Solr instances running on Windows are vulnerable to arbitrary filepath write-access, due to a lack of input-sanitation in the \"configset upload\" API.&nbsp; Commonly known as a \"zipslip\", maliciously constructed ZIP files can use relative filepaths to write data to unanticipated parts of the filesystem.&nbsp;&nbsp;<br><p>This issue affects Apache Solr: from 6.6 through 9.7.0.</p><p>Users are recommended to upgrade to version 9.8.0, which fixes the issue.&nbsp; Users unable to upgrade may also safely prevent the issue by using Solr's \"Rule-Based Authentication Plugin\" to restrict access to the configset upload API, so that it can only be accessed by a trusted set of administrators/users.</p>"}],"value":"Relative Path Traversal vulnerability in Apache Solr.\n\nSolr instances running on Windows are vulnerable to arbitrary filepath write-access, due to a lack of input-sanitation in the \"configset upload\" API.  Commonly known as a \"zipslip\", maliciously constructed ZIP files can use relative filepaths to write data to unanticipated parts of the filesystem.  \nThis issue affects Apache Solr: from 6.6 through 9.7.0.\n\nUsers are recommended to upgrade to version 9.8.0, which fixes the issue.  Users unable to upgrade may also safely prevent the issue by using Solr's \"Rule-Based Authentication Plugin\" to restrict access to the configset upload API, so that it can only be accessed by a trusted set of administrators/users."}],"metrics":[{"other":{"content":{"text":"moderate"},"type":"Textual description of severity"}}],"problemTypes":[{"descriptions":[{"cweId":"CWE-23","description":"CWE-23 Relative Path Traversal","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"f0158376-9dc2-43b6-827c-5f631a4d8d09","shortName":"apache","dateUpdated":"2025-01-27T08:54:42.907Z"},"references":[{"tags":["vendor-advisory"],"url":"https://lists.apache.org/thread/yp39pgbv4vf1746pf5yblz84lv30vfxd"}],"source":{"defect":["SOLR-17543"],"discovery":"EXTERNAL"},"title":"Apache Solr: Configset upload on Windows allows arbitrary path write-access","x_generator":{"engine":"Vulnogram 0.2.0"}},"adp":[{"title":"CVE Program Container","references":[{"url":"http://www.openwall.com/lists/oss-security/2025/01/26/2"}],"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2025-01-27T09:03:17.022Z"}},{"metrics":[{"cvssV3_1":{"scope":"UNCHANGED","version":"3.1","baseScore":5.4,"attackVector":"NETWORK","baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N","integrityImpact":"LOW","userInteraction":"NONE","attackComplexity":"LOW","availabilityImpact":"NONE","privilegesRequired":"LOW","confidentialityImpact":"LOW"}},{"other":{"type":"ssvc","content":{"timestamp":"2025-01-27T13:34:11.686039Z","id":"CVE-2024-52012","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-02-06T16:11:37.353Z"}}]}}